Search form

Search

Security

Computer security and the lack of computer security is a fundamental issue that underpins much of how the Internet does (and doesn't) function. Many of the policy issues that EFF works on are linked to security in deep ways including privacy and anonymity, DRM, censorship, and network neutrality.

EFF works directly on a wide range of security issues including increased deployment of cryptographic protocols through projects like HTTPS Everywhere and Certbot; improving the security of those protocols with the SSL Observatory; offering legal assistance to researchers through our Coders' Rights Project; offering practical security advice to activists through the surveillance self-defense project; directly auditing open source codebases; and working on the development of new security standards.

Security Highlights

The web is in the middle of a massive change from non-secure HTTP to the more secure HTTPS protocol. All web servers use one of these two protocols to get web pages from the server to your browser. HTTP has serious problems that make it vulnerable to eavesdropping and content...

EFF's Coders' Rights Project protects programmers and developers engaged in cutting-edge exploration of technology. Security and encryption researchers help build a safer future for all of us using digital technologies, but too many legitimate researchers face serious legal challenges that prevent or inhibit their work. These challenges come from laws...

As the violence escalates across Syria, so do the campaigns of targeted malware attacks against Syrian activists, journalists, and members of the opposition, which covertly install surveillance software on their computers. Syrians are growing more aware of the danger these campaigns pose to their security and the security of their...

The Peruvian National Anthem proudly proclaims: “We are free! May we always be so!” Yet the Peruvian Congress is considering a sweeping new computer crime bill that threatens the privacy and online free expression of law-abiding Peruvians. Peruvians should stand against this ill-conceived bill that will place limits on...

At the Black Hat security conference in Las Vegas this week, Javier Galbally revealed that it’s possible to spoof a biometric iris scanning system using synthetic images derived from real irises. The Madrid-based security researcher’s talk is timely, coming on the heels of a July 23 Israeli...

The FinFisher spyware, produced by the UK-based Gamma Group, has been for years as elusive as it was notorious. Since protesters found FinFisher company records in an abandoned Egyptian state security building last year, security researchers and activists around the world have been eager to get their hands on...